Dextro

@miklb: query_posts really ignores all the parameters it receives via the url.

@alphaoide: Thx! That’s what I was looking for.

On https://codex.www.ads-software.com/Template_Tags/query_posts, you can read that WordPress then ignores the other parameters it receives via the URL (such as page number or category)

I just want the query to use this parameters, but exclude a specific category.

Put them in 1 category and don’t category in your theme?

thx, that’s indeed what i’m looking for.
But it doesn’t work very wel. <h1> tags are still parsed.

The website is apparantly back online.

Ok, The comment on top was missing.

Thx a lot for this great explanation.

Moshu: archives.php and so on are all in the theme directory.

So I don’t get it why they don’t show up.

It’s the same with the default template. They don’t show up in the template list. I’m using version 1.5.1.

Same problem here.

In my drop down list, there’s only:
-select-
_wp_page_template

So no other template is detected.

ok, let me know if you can reproduce the same problem.

link_pages runs perfectly, but wp_link_pages not, very strange.

I just copy-pasted the code like it is written here above.

The security problem is that you can see the whole path structure where your wordpress is installed. For example with the website of macmanx:
Go to: https://www.macmanx.com/wordpress/wp-content/themes/default/index.php

and you get:
Fatal error: Call to undefined function: get_header() in /home/macmanxc/public_html/wordpress/wp-content/themes/default/index.php on line 1

Now you have the full path of the installation on the server, also known as Full Path Disclosure, but apparantly no one has ever heard of that here before.

I just want to help making things safer, no problem for me. I don’t use WordPress.

.

What could be the avantage of an indexless dir?

neuro: about point 1, you’re right, i forgot that. And an empty index is a good alternative.

All the other crap you wrote under it sais more about you then about me… Btw, where did I wrote that phpnuke was a modele?
I discover nothing, it was only a simple question, but apparantly you folks don’t accept ‘new’ people in here… Especially the sentence about growing up doesn’t make sense in any way.

Just don’t forget, a peace of code can only come better if you folks accept some criticism. And yes, I have some other questions and things that maybe could be better, but I now just discovered that it is better to shut up in here.

In all other projects (Drupal, php-nuke, …), they take this stuff seriously.

I think it should be wise to ad this the default .htaccess file:

Options All -Indexes
# Turn off display_errors
php_flag display_errors off


I know that’s a solution for the open dir problem, but maybe this should be in de .htaccess in the initial installation.

And it doesn’t change anything with the full path disclosure:
https://www.example.com/wp-content/themes/default/index.php